diff --git a/docs/sdk/config/security_services/anti_spyware.md b/docs/sdk/config/security_services/anti_spyware.md
index 5991ab3c..4a1ae6b6 100644
--- a/docs/sdk/config/security_services/anti_spyware.md
+++ b/docs/sdk/config/security_services/anti_spyware.md
@@ -1,12 +1,17 @@
# Anti-Spyware Profile
-The `AntiSpywareProfile` class manages Anti-Spyware Profiles in Palo Alto Networks' Strata Cloud Manager.
+The `AntiSpywareProfile` class manages Anti-Spyware Profiles in Palo Alto Networks' Strata Cloud Manager. It provides
+methods to create, retrieve, update, delete, and list Anti-Spyware Profiles using the Strata Cloud Manager API.
-## Overview
+## Class Definition
-This class provides methods to create, retrieve, update, delete, and list Anti-Spyware Profiles using the Strata Cloud
-Manager API. It supports operations within folders, snippets, or devices, and allows filtering of profiles based on
-various criteria.
+```python
+class AntiSpywareProfile(BaseObject):
+ ENDPOINT = "/config/security/v1/anti-spyware-profiles"
+
+ def __init__(self, api_client):
+ super().__init__(api_client)
+```
## Methods
@@ -14,16 +19,10 @@ various criteria.
Creates a new Anti-Spyware Profile.
-
-
-
-
```python
def create(self, data: Dict[str, Any]) -> AntiSpywareProfileResponseModel:
```
-
-
#### Parameters
- `data` (Dict[str, Any]): A dictionary containing the Anti-Spyware Profile configuration.
@@ -36,24 +35,29 @@ def create(self, data: Dict[str, Any]) -> AntiSpywareProfileResponseModel:
-
-
```python
-anti_spyware_profile = AntiSpywareProfile(api_client)
+from pan_scm_sdk import SCMClient
+from pan_scm_sdk.config.security import AntiSpywareProfile
+
+client = SCMClient(client_id="your-client-id", client_secret="your-client-secret")
+anti_spyware = AntiSpywareProfile(client)
+
profile_data = {
- "name": "Custom Anti-Spyware Profile",
- "description": "A custom anti-spyware profile",
- "folder": "My Folder",
+ "name": "Example Profile",
+ "description": "An example Anti-Spyware Profile",
+ "folder": "Shared",
"rules": [
{
- "name": "Block Critical Threats",
- "severity": ["critical"],
+ "name": "Rule 1",
+ "severity": ["critical", "high"],
"category": "spyware",
- "action": {"block_ip": {"track_by": "source", "duration": 300}}
+ "action": {"alert": {}}
}
]
}
-created_profile = anti_spyware_profile.create(profile_data)
+
+created_profile = anti_spyware.create(profile_data)
+print(f"Created profile ID: {created_profile.id}")
```
@@ -62,16 +66,10 @@ created_profile = anti_spyware_profile.create(profile_data)
Retrieves an Anti-Spyware Profile by its ID.
-
-
-
-
```python
def get(self, object_id: str) -> AntiSpywareProfileResponseModel:
```
-
-
#### Parameters
- `object_id` (str): The ID of the Anti-Spyware Profile to retrieve.
@@ -84,11 +82,10 @@ def get(self, object_id: str) -> AntiSpywareProfileResponseModel:
-
-
```python
-anti_spyware_profile = AntiSpywareProfile(api_client)
-profile = anti_spyware_profile.get("profile-123")
+profile_id = "1234567890abcdef"
+retrieved_profile = anti_spyware.get(profile_id)
+print(f"Retrieved profile name: {retrieved_profile.name}")
```
@@ -97,16 +94,10 @@ profile = anti_spyware_profile.get("profile-123")
Updates an existing Anti-Spyware Profile.
-
-
-
-
```python
def update(self, object_id: str, data: Dict[str, Any]) -> AntiSpywareProfileResponseModel:
```
-
-
#### Parameters
- `object_id` (str): The ID of the Anti-Spyware Profile to update.
@@ -120,23 +111,22 @@ def update(self, object_id: str, data: Dict[str, Any]) -> AntiSpywareProfileResp
-
-
```python
-anti_spyware_profile = AntiSpywareProfile(api_client)
-updated_data = {
- "name": "Updated Anti-Spyware Profile",
- "description": "An updated anti-spyware profile",
+profile_id = "1234567890abcdef"
+update_data = {
+ "description": "Updated Anti-Spyware Profile description",
"rules": [
{
- "name": "Alert on High Threats",
- "severity": ["high"],
+ "name": "Updated Rule",
+ "severity": ["critical", "high", "medium"],
"category": "spyware",
- "action": {"alert": {}}
+ "action": {"drop": {}}
}
]
}
-updated_profile = anti_spyware_profile.update("profile-123", updated_data)
+
+updated_profile = anti_spyware.update(profile_id, update_data)
+print(f"Updated profile description: {updated_profile.description}")
```
@@ -145,16 +135,10 @@ updated_profile = anti_spyware_profile.update("profile-123", updated_data)
Deletes an Anti-Spyware Profile.
-
-
-
-
```python
def delete(self, object_id: str) -> None:
```
-
-
#### Parameters
- `object_id` (str): The ID of the Anti-Spyware Profile to delete.
@@ -163,11 +147,10 @@ def delete(self, object_id: str) -> None:
-
-
```python
-anti_spyware_profile = AntiSpywareProfile(api_client)
-anti_spyware_profile.delete("profile-123")
+profile_id = "1234567890abcdef"
+anti_spyware.delete(profile_id)
+print(f"Deleted profile with ID: {profile_id}")
```
@@ -176,10 +159,6 @@ anti_spyware_profile.delete("profile-123")
Lists Anti-Spyware Profiles based on specified criteria.
-
-
-
-
```python
def list(
self,
@@ -193,15 +172,13 @@ def list(
) -> List[AntiSpywareProfileResponseModel]:
```
-
-
#### Parameters
- `folder` (Optional[str]): The folder to list profiles from.
- `snippet` (Optional[str]): The snippet to list profiles from.
- `device` (Optional[str]): The device to list profiles from.
- `offset` (Optional[int]): The offset for pagination.
-- `limit` (Optional[int]): The limit for pagination.
+- `limit` (Optional[int]): The maximum number of profiles to return.
- `name` (Optional[str]): Filter profiles by name.
- `**filters`: Additional filters to apply.
@@ -213,93 +190,116 @@ def list(
-
-
```python
-anti_spyware_profile = AntiSpywareProfile(api_client)
-profiles = anti_spyware_profile.list(folder="My Folder", limit=10, name="Custom")
-```
+# List profiles in a specific folder
+folder_profiles = anti_spyware.list(folder="Shared", limit=10)
+print(f"Number of profiles in Shared folder: {len(folder_profiles)}")
-
-
-## Error Handling
+# List profiles with a specific name pattern
+named_profiles = anti_spyware.list(name="Test*", limit=5)
+print(f"Number of profiles starting with 'Test': {len(named_profiles)}")
-The `AntiSpywareProfile` class may raise the following exceptions:
+# List profiles with custom filters
+custom_profiles = anti_spyware.list(folder="Custom", severity="high", limit=20)
+print(f"Number of high-severity profiles in Custom folder: {len(custom_profiles)}")
+```
-- `ValidationError`: Raised when invalid container parameters are provided.
-- `ValueError`: Raised when invalid pagination parameters are provided.
+
-## Additional Examples
+## Complete Example
-### Creating a profile with threat exceptions
+Here's a complete example demonstrating the usage of the `AntiSpywareProfile` class:
-
-
```python
-anti_spyware_profile = AntiSpywareProfile(api_client)
-profile_data = {
- "name": "Profile with Exceptions",
- "description": "Anti-spyware profile with threat exceptions",
- "folder": "Security Policies",
+from pan_scm_sdk import SCMClient
+from pan_scm_sdk.config.security import AntiSpywareProfile
+
+# Initialize the SCM client
+client = SCMClient(client_id="your-client-id", client_secret="your-client-secret")
+
+# Create an AntiSpywareProfile instance
+anti_spyware = AntiSpywareProfile(client)
+
+# Create a new Anti-Spyware Profile
+new_profile_data = {
+ "name": "Comprehensive Anti-Spyware Profile",
+ "description": "A comprehensive Anti-Spyware Profile with multiple rules",
+ "folder": "Shared",
+ "cloud_inline_analysis": True,
+ "inline_exception_edl_url": ["https://example.com/edl1", "https://example.com/edl2"],
+ "inline_exception_ip_address": ["192.168.1.1", "10.0.0.1"],
+ "mica_engine_spyware_enabled": [
+ {"name": "MICA-Engine-1", "inline_policy_action": "alert"},
+ {"name": "MICA-Engine-2", "inline_policy_action": "drop"}
+ ],
"rules": [
{
- "name": "Default Rule",
- "severity": ["any"],
- "category": "any",
- "action": {"alert": {}}
+ "name": "Critical Threats",
+ "severity": ["critical"],
+ "category": "spyware",
+ "action": {"block_ip": {"track_by": "source", "duration": 3600}},
+ "packet_capture": "single-packet"
+ },
+ {
+ "name": "High Severity Threats",
+ "severity": ["high"],
+ "category": "command-and-control",
+ "action": {"reset-both": {}},
+ "packet_capture": "extended-capture"
}
],
"threat_exception": [
{
- "name": "Exception for Known IP",
+ "name": "Exception 1",
"packet_capture": "disable",
"action": {"allow": {}},
- "exempt_ip": [{"name": "10.0.0.1"}]
+ "exempt_ip": [{"name": "192.168.100.1"}],
+ "notes": "Exemption for internal testing server"
}
]
}
-created_profile = anti_spyware_profile.create(profile_data)
-```
-
+created_profile = anti_spyware.create(new_profile_data)
+print(f"Created profile ID: {created_profile.id}")
-### Updating a profile with MICA engine settings
-
-
+# Retrieve the created profile
+retrieved_profile = anti_spyware.get(created_profile.id)
+print(f"Retrieved profile name: {retrieved_profile.name}")
-
-
-```python
-anti_spyware_profile = AntiSpywareProfile(api_client)
-updated_data = {
- "name": "Updated MICA Profile",
- "description": "Profile with MICA engine settings",
- "mica_engine_spyware_enabled": [
- {
- "name": "MICA-Engine-1",
- "inline_policy_action": "alert"
- },
- {
- "name": "MICA-Engine-2",
- "inline_policy_action": "drop"
- }
- ],
+# Update the profile
+update_data = {
+ "description": "Updated comprehensive Anti-Spyware Profile",
"rules": [
{
- "name": "MICA Rule",
- "severity": ["high", "critical"],
+ "name": "Updated Critical Threats",
+ "severity": ["critical", "high"],
"category": "spyware",
- "action": {"reset_both": {}}
+ "action": {"reset-server": {}},
+ "packet_capture": "extended-capture"
}
]
}
-updated_profile = anti_spyware_profile.update("profile-456", updated_data)
+
+updated_profile = anti_spyware.update(created_profile.id, update_data)
+print(f"Updated profile description: {updated_profile.description}")
+
+# List profiles
+list_result = anti_spyware.list(folder="Shared", limit=10)
+print(f"Number of profiles in Shared folder: {len(list_result)}")
+
+# Delete the profile
+anti_spyware.delete(created_profile.id)
+print(f"Deleted profile with ID: {created_profile.id}")
```
+This example demonstrates creating, retrieving, updating, listing, and deleting an Anti-Spyware Profile using the
+`AntiSpywareProfile` class.
+
+
---
## Related Models
diff --git a/docs/sdk/models/security_services/anti_spyware_profile_models.md b/docs/sdk/models/security_services/anti_spyware_profile_models.md
index 42ded69e..9200ceec 100644
--- a/docs/sdk/models/security_services/anti_spyware_profile_models.md
+++ b/docs/sdk/models/security_services/anti_spyware_profile_models.md
@@ -1,138 +1,408 @@
# Anti-Spyware Profile Models
-This section covers the data models associated with the `AntiSpywareProfile` configuration object.
+This page describes the Pydantic models used for Anti-Spyware Profiles in the Strata Cloud Manager SDK.
----
+## AntiSpywareProfileBaseModel
-## AntiSpywareProfileRequestModel
+The base model for Anti-Spyware Profiles, containing common fields.
-Used when creating or updating an anti-spyware profile object.
+```python
+class AntiSpywareProfileBaseModel(BaseModel):
+ name: str
+ description: Optional[str] = None
+ cloud_inline_analysis: Optional[bool] = False
+ inline_exception_edl_url: Optional[List[str]] = None
+ inline_exception_ip_address: Optional[List[str]] = None
+ mica_engine_spyware_enabled: Optional[List[MicaEngineSpywareEnabledEntry]] = None
+```
-### Attributes
+### Fields
-- `name` (str): **Required.** The name of the anti-spyware profile.
-- `description` (Optional[str]): A description of the anti-spyware profile.
-- `cloud_inline_analysis` (Optional[bool]): Enable or disable cloud inline analysis. Defaults to False.
+- `name` (str): Profile name.
+- `description` (Optional[str]): Description of the profile.
+- `cloud_inline_analysis` (Optional[bool]): Enable or disable cloud inline analysis.
- `inline_exception_edl_url` (Optional[List[str]]): List of inline exception EDL URLs.
- `inline_exception_ip_address` (Optional[List[str]]): List of inline exception IP addresses.
- `mica_engine_spyware_enabled` (Optional[List[MicaEngineSpywareEnabledEntry]]): List of MICA engine spyware enabled
entries.
-- **Container Type Fields** (Exactly one must be provided):
- - `folder` (Optional[str]): The folder where the profile is defined.
- - `snippet` (Optional[str]): The snippet where the profile is defined.
- - `device` (Optional[str]): The device where the profile is defined.
-- `rules` (List[RuleRequest]): **Required.** List of rules for the profile.
-- `threat_exception` (Optional[List[ThreatExceptionRequest]]): List of threat exceptions for the profile.
-### Example
+## AntiSpywareProfileRequestModel
+
+Represents an anti-spyware profile for API requests.
```python
-anti_spyware_profile_request = AntiSpywareProfileRequestModel(
- name="test_profile",
- description="Test anti-spyware profile",
- folder="Prisma Access",
- rules=[
- RuleRequest(
- name="rule1",
- severity=["critical", "high"],
- category="spyware",
- action=ActionRequest(root={"alert": {}})
- )
- ]
-)
+class AntiSpywareProfileRequestModel(AntiSpywareProfileBaseModel):
+ folder: Optional[str] = None
+ snippet: Optional[str] = None
+ device: Optional[str] = None
+ rules: List[RuleRequest]
+ threat_exception: Optional[List[ThreatExceptionRequest]] = None
```
----
+### Fields
+
+Inherits all fields from `AntiSpywareProfileBaseModel` and adds:
+
+- `folder` (Optional[str]): Folder name.
+- `snippet` (Optional[str]): Snippet name.
+- `device` (Optional[str]): Device name.
+- `rules` (List[RuleRequest]): List of rules for the profile.
+- `threat_exception` (Optional[List[ThreatExceptionRequest]]): List of threat exceptions.
## AntiSpywareProfileResponseModel
-Used when parsing anti-spyware profile objects retrieved from the API.
+Represents an anti-spyware profile for API responses.
-### Attributes
+```python
+class AntiSpywareProfileResponseModel(AntiSpywareProfileBaseModel):
+ id: str
+ folder: Optional[str] = None
+ snippet: Optional[str] = None
+ device: Optional[str] = None
+ rules: List[RuleResponse]
+ threat_exception: Optional[List[ThreatExceptionResponse]] = None
+```
-- `id` (str): The UUID of the anti-spyware profile object.
-- `name` (str): The name of the anti-spyware profile.
-- `description` (Optional[str]): A description of the anti-spyware profile.
-- `cloud_inline_analysis` (Optional[bool]): Cloud inline analysis setting.
-- `inline_exception_edl_url` (Optional[List[str]]): List of inline exception EDL URLs.
-- `inline_exception_ip_address` (Optional[List[str]]): List of inline exception IP addresses.
-- `mica_engine_spyware_enabled` (Optional[List[MicaEngineSpywareEnabledEntry]]): List of MICA engine spyware enabled
- entries.
-- **Container Type Fields**:
- - `folder` (Optional[str]): The folder where the profile is defined.
- - `snippet` (Optional[str]): The snippet where the profile is defined.
- - `device` (Optional[str]): The device where the profile is defined.
+### Fields
+
+Inherits all fields from `AntiSpywareProfileBaseModel` and adds:
+
+- `id` (str): Profile ID.
+- `folder` (Optional[str]): Folder name.
+- `snippet` (Optional[str]): Snippet name.
+- `device` (Optional[str]): Device name.
- `rules` (List[RuleResponse]): List of rules for the profile.
-- `threat_exception` (Optional[List[ThreatExceptionResponse]]): List of threat exceptions for the profile.
+- `threat_exception` (Optional[List[ThreatExceptionResponse]]): List of threat exceptions.
+
+## Examples
-### Example
+### Example 1: Creating an AntiSpywareProfileRequestModel
+
+
```python
-anti_spyware_profile_response = AntiSpywareProfileResponseModel(
- id="123e4567-e89b-12d3-a456-426655440000",
- name="test_profile",
- description="Test anti-spyware profile",
- folder="Prisma Access",
+from pan_scm_sdk.models.security import (
+ AntiSpywareProfileRequestModel,
+ RuleRequest,
+ ActionRequest,
+ Severity,
+ Category,
+ PacketCapture,
+)
+
+profile_request = AntiSpywareProfileRequestModel(
+ name="Example Profile",
+ description="An example Anti-Spyware Profile",
+ folder="Shared",
+ rules=[
+ RuleRequest(
+ name="Rule 1",
+ severity=[Severity.critical, Severity.high],
+ category=Category.spyware,
+ action=ActionRequest(root={"alert": {}}),
+ packet_capture=PacketCapture.single_packet,
+ )
+ ],
+)
+
+print(profile_request.model_dump_json(indent=2))
+```
+
+
+
+### Example 2: Creating an AntiSpywareProfileResponseModel
+
+
+
+```python
+from pan_scm_sdk.models.security import (
+ AntiSpywareProfileResponseModel,
+ RuleResponse,
+ ActionResponse,
+ Severity,
+ Category,
+ PacketCapture,
+)
+
+profile_response = AntiSpywareProfileResponseModel(
+ id="1234567890abcdef",
+ name="Example Profile",
+ description="An example Anti-Spyware Profile",
+ folder="Shared",
rules=[
RuleResponse(
- name="rule1",
- severity=["critical", "high"],
- category="spyware",
- action=ActionResponse(root={"alert": {}})
+ name="Rule 1",
+ severity=[Severity.critical, Severity.high],
+ category=Category.spyware,
+ action=ActionResponse(root={"alert": {}}),
+ packet_capture=PacketCapture.single_packet,
+ )
+ ],
+)
+
+print(profile_response.model_dump_json(indent=2))
+```
+
+
+
+### Example 3: Using MicaEngineSpywareEnabledEntry
+
+
+
+```python
+from pan_scm_sdk.models.security import (
+ AntiSpywareProfileRequestModel,
+ MicaEngineSpywareEnabledEntry,
+ InlinePolicyAction,
+)
+
+profile_request = AntiSpywareProfileRequestModel(
+ name="MICA Engine Profile",
+ description="Profile with MICA engine settings",
+ folder="Shared",
+ mica_engine_spyware_enabled=[
+ MicaEngineSpywareEnabledEntry(
+ name="MICA-Engine-1",
+ inline_policy_action=InlinePolicyAction.alert,
+ ),
+ MicaEngineSpywareEnabledEntry(
+ name="MICA-Engine-2",
+ inline_policy_action=InlinePolicyAction.drop,
+ ),
+ ],
+ rules=[], # Add rules as needed
+)
+
+print(profile_request.model_dump_json(indent=2))
+```
+
+
+
+### Example 4: Using ThreatExceptionRequest
+
+
+
+```python
+from pan_scm_sdk.models.security import (
+ AntiSpywareProfileRequestModel,
+ ThreatExceptionRequest,
+ ActionRequest,
+ PacketCapture,
+ ExemptIpEntry,
+)
+
+profile_request = AntiSpywareProfileRequestModel(
+ name="Profile with Exceptions",
+ description="Profile demonstrating threat exceptions",
+ folder="Shared",
+ rules=[], # Add rules as needed
+ threat_exception=[
+ ThreatExceptionRequest(
+ name="Exception 1",
+ packet_capture=PacketCapture.disable,
+ action=ActionRequest(root={"allow": {}}),
+ exempt_ip=[ExemptIpEntry(name="192.168.1.1")],
+ notes="Exemption for internal server",
)
- ]
+ ],
)
+
+print(profile_request.model_dump_json(indent=2))
```
----
+
-## Additional Models
+### Example 5: Using BlockIpAction
-### MicaEngineSpywareEnabledEntry
+
-Represents an entry in the 'mica_engine_spyware_enabled' list.
+```python
+from pan_scm_sdk.models.security import (
+ AntiSpywareProfileRequestModel,
+ RuleRequest,
+ ActionRequest,
+ Severity,
+ Category,
+ BlockIpAction,
+)
-#### Attributes
+profile_request = AntiSpywareProfileRequestModel(
+ name="Block IP Profile",
+ description="Profile demonstrating block IP action",
+ folder="Shared",
+ rules=[
+ RuleRequest(
+ name="Block IP Rule",
+ severity=[Severity.critical],
+ category=Category.spyware,
+ action=ActionRequest(
+ root={
+ "block_ip": BlockIpAction(
+ track_by="source",
+ duration=3600,
+ ).model_dump()
+ }
+ ),
+ )
+ ],
+)
-- `name` (str): Name of the MICA engine spyware detector.
-- `inline_policy_action` (InlinePolicyAction): Action to be taken by the inline policy.
+print(profile_request.model_dump_json(indent=2))
+```
-### RuleRequest and RuleResponse
+
-Represents a rule in the anti-spyware profile.
+### Example 6: Using multiple rules and threat exceptions
-#### Attributes
+
-- `name` (str): Rule name.
-- `severity` (List[Severity]): List of severities.
-- `category` (Category): Category of the rule.
-- `threat_name` (Optional[str]): Threat name.
-- `packet_capture` (Optional[PacketCapture]): Packet capture setting.
-- `action` (ActionRequest or ActionResponse): Action to be taken.
+```python
+from pan_scm_sdk.models.security import (
+ AntiSpywareProfileRequestModel,
+ RuleRequest,
+ ThreatExceptionRequest,
+ ActionRequest,
+ Severity,
+ Category,
+ PacketCapture,
+ ExemptIpEntry,
+)
-### ThreatExceptionRequest and ThreatExceptionResponse
+profile_request = AntiSpywareProfileRequestModel(
+ name="Comprehensive Profile",
+ description="Profile with multiple rules and exceptions",
+ folder="Shared",
+ cloud_inline_analysis=True,
+ inline_exception_edl_url=["https://example.com/edl1", "https://example.com/edl2"],
+ inline_exception_ip_address=["192.168.1.1", "10.0.0.1"],
+ rules=[
+ RuleRequest(
+ name="Critical Threats",
+ severity=[Severity.critical],
+ category=Category.spyware,
+ action=ActionRequest(root={"drop": {}}),
+ packet_capture=PacketCapture.single_packet,
+ ),
+ RuleRequest(
+ name="High Severity Threats",
+ severity=[Severity.high],
+ category=Category.command_and_control,
+ action=ActionRequest(root={"reset-both": {}}),
+ packet_capture=PacketCapture.extended_capture,
+ ),
+ ],
+ threat_exception=[
+ ThreatExceptionRequest(
+ name="Exception 1",
+ packet_capture=PacketCapture.disable,
+ action=ActionRequest(root={"allow": {}}),
+ exempt_ip=[ExemptIpEntry(name="192.168.100.1")],
+ notes="Exemption for internal testing server",
+ )
+ ],
+)
-Represents a threat exception in the anti-spyware profile.
+print(profile_request.model_dump_json(indent=2))
+```
-#### Attributes
+
-- `name` (str): Threat exception name.
-- `packet_capture` (PacketCapture): Packet capture setting.
-- `exempt_ip` (Optional[List[ExemptIpEntry]]): Exempt IP list.
-- `notes` (Optional[str]): Notes.
-- `action` (ActionRequest or ActionResponse): Action to be taken.
+## Complete Example
-### ActionRequest and ActionResponse
+Here's a complete example demonstrating the usage of Anti-Spyware Profile models:
-Represents the 'action' field in rules and threat exceptions.
+
-#### Methods
+```python
+from pan_scm_sdk.models.security import (
+ AntiSpywareProfileRequestModel,
+ RuleRequest,
+ ThreatExceptionRequest,
+ ActionRequest,
+ Severity,
+ Category,
+ PacketCapture,
+ ExemptIpEntry,
+ MicaEngineSpywareEnabledEntry,
+ InlinePolicyAction,
+ BlockIpAction,
+)
-- `get_action_name() -> str`: Returns the name of the action.
+# Create a comprehensive Anti-Spyware Profile request
+profile_request = AntiSpywareProfileRequestModel(
+ name="Comprehensive Anti-Spyware Profile",
+ description="A comprehensive Anti-Spyware Profile with multiple rules and settings",
+ folder="Shared",
+ cloud_inline_analysis=True,
+ inline_exception_edl_url=["https://example.com/edl1", "https://example.com/edl2"],
+ inline_exception_ip_address=["192.168.1.1", "10.0.0.1"],
+ mica_engine_spyware_enabled=[
+ MicaEngineSpywareEnabledEntry(
+ name="MICA-Engine-1",
+ inline_policy_action=InlinePolicyAction.alert,
+ ),
+ MicaEngineSpywareEnabledEntry(
+ name="MICA-Engine-2",
+ inline_policy_action=InlinePolicyAction.drop,
+ ),
+ ],
+ rules=[
+ RuleRequest(
+ name="Critical Threats",
+ severity=[Severity.critical],
+ category=Category.spyware,
+ action=ActionRequest(
+ root={
+ "block_ip": BlockIpAction(
+ track_by="source",
+ duration=3600,
+ ).model_dump()
+ }
+ ),
+ packet_capture=PacketCapture.single_packet,
+ ),
+ RuleRequest(
+ name="High Severity Threats",
+ severity=[Severity.high],
+ category=Category.command_and_control,
+ action=ActionRequest(root={"reset-both": {}}),
+ packet_capture=PacketCapture.extended_capture,
+ ),
+ ],
+ threat_exception=[
+ ThreatExceptionRequest(
+ name="Exception 1",
+ packet_capture=PacketCapture.disable,
+ action=ActionRequest(root={"allow": {}}),
+ exempt_ip=[ExemptIpEntry(name="192.168.100.1")],
+ notes="Exemption for internal testing server",
+ )
+ ],
+)
+
+# Print the JSON representation of the profile request
+print(profile_request.model_dump_json(indent=2))
+
+# Validate the model
+try:
+ profile_request.model_validate(profile_request.model_dump())
+ print("\nProfile request model is valid.")
+except ValueError as e:
+ print(f"\nValidation error: {e}")
+
+# Create a response model based on the request
+profile_response = AntiSpywareProfileResponseModel(
+ id="1234567890abcdef",
+ **profile_request.model_dump()
+)
+
+# Print the JSON representation of the profile response
+print("\nProfile Response:")
+print(profile_response.model_dump_json(indent=2))
+```
-### Enums
+
-- `InlinePolicyAction`: Enumeration of allowed inline policy actions.
-- `PacketCapture`: Enumeration of packet capture options.
-- `Severity`: Enumeration of severity levels.
-- `Category`: Enumeration of threat categories.
+This example demonstrates creating a comprehensive Anti-Spyware Profile request model, validating it, and then creating
+a response model based on the request. It showcases the usage of various nested models and fields within the
+Anti-Spyware Profile models.
\ No newline at end of file